From 87ace5f8b6cbb9be14cf771a8962e32fd97f9660 Mon Sep 17 00:00:00 2001 From: Max Reitz Date: Wed, 22 May 2019 19:03:49 +0200 Subject: [PATCH] block: Fix order in bdrv_replace_child() We have to start by applying the permission restrictions to new_bs before we can loosen them on old_bs. See the comment for the explanation. Signed-off-by: Max Reitz Reviewed-by: Kevin Wolf Signed-off-by: Kevin Wolf --- block.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) diff --git a/block.c b/block.c index 013369851b..b7d4149c2f 100644 --- a/block.c +++ b/block.c @@ -2240,6 +2240,19 @@ static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) bdrv_replace_child_noperm(child, new_bs); + /* + * Start with the new node's permissions. If @new_bs is a (direct + * or indirect) child of @old_bs, we must complete the permission + * update on @new_bs before we loosen the restrictions on @old_bs. + * Otherwise, bdrv_check_perm() on @old_bs would re-initiate + * updating the permissions of @new_bs, and thus not purely loosen + * restrictions. + */ + if (new_bs) { + bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm); + bdrv_set_perm(new_bs, perm, shared_perm); + } + if (old_bs) { /* Update permissions for old node. This is guaranteed to succeed * because we're just taking a parent away, so we're loosening @@ -2252,11 +2265,6 @@ static void bdrv_replace_child(BdrvChild *child, BlockDriverState *new_bs) * node moves back to the main AioContext */ bdrv_try_set_aio_context(old_bs, qemu_get_aio_context(), NULL); } - - if (new_bs) { - bdrv_get_cumulative_perm(new_bs, &perm, &shared_perm); - bdrv_set_perm(new_bs, perm, shared_perm); - } } /*